1 to 25 of 378 Incident Response Jobs in the UK excluding London

a global basis, the resilience of operations has become a board level issue. You will provide our clients with a full spectrum of services, covering proactive and reactive Cyber Incident Response (CIR) Services. The proactive arm of our business covers a breadth of propositions, including playbook development, wargaming, readiness assessments, post-breach assessments, managed threat hunting as well … as implementing response automation technologies. Our specialists work with clients to uplift their maturity and fundamentally enhance their preparedness to respond, via targeted capability uplift, C-Suite awareness campaigns and training. Our technical response team support our clients in live incident responses by working to identify root causes and evict threats. Our professionals apply their experience and … award-winning vendor relationships, we can do whatever it takes - from improving the security of a single component to delivering a holistic security and privacy program. As a Cyber Incident Response Advisory and Incident Management Senior Manager or Associate Director, you will focus on developing our business across both proactive and reactive services, whilst leading our advisory More ❯

a global basis, the resilience of operations has become a board level issue. You will provide our clients with a full spectrum of services, covering proactive and reactive Cyber Incident Response (CIR) Services. The proactive arm of our business covers a breadth of propositions, including playbook development, wargaming, readiness assessments, post-breach assessments, managed threat hunting as well … as implementing response automation technologies. Our specialists work with clients to uplift their maturity and fundamentally enhance their preparedness to respond, via targeted capability uplift, C-Suite awareness campaigns and training. Our technical response team support our clients in live incident responses by working to identify root causes and evict threats. Our professionals apply their experience and … award-winning vendor relationships, we can do whatever it takes - from improving the security of a single component to delivering a holistic security and privacy program. As a Cyber Incident Response Advisory and Incident Management Senior Manager or Associate Director, you will focus on developing our business across both proactive and reactive services, whilst leading our advisory More ❯

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point of application. Accenture is a leading global professional services company … CEO Accenture’s Security is one of the fastest growing areas of the business with significant growth plans through additional recruitment and acquisitions. Our global Cyber Investigation and Forensic Response (CIFR) practice is rapidly expanding in order to uniquely deliver around the clock incident response services to our expanding portfolio of enterprise customers. The sheer variety and … global team, you'll be working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. In our team you will: · Lead incident response engagements, including co-ordination of other assigned resources for on-site and remote investigations · Identify and investigate intrusions to determine the cause and extent of the breach More ❯

Security Engineer to strengthen their cyber resilience and ensure effective protection against evolving threats. This role combines technical security expertise with the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning , leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring/… is a hybrid position based in Manchester , offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan . Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike Falcon , including creation and implementation … and Cyber Essentials+ . Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT and leadership teams to improve overall cyber security maturity. Person Profile We are looking for a candidate who is proactive, analytical, and able to communicate More ❯

Security Engineer to strengthen their cyber resilience and ensure effective protection against evolving threats. This role combines technical security expertise with the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning , leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring/… is a hybrid position based in Manchester , offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan . Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike Falcon , including creation and implementation … and Cyber Essentials+ . Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT and leadership teams to improve overall cyber security maturity. Person Profile We are looking for a candidate who is proactive, analytical, and able to communicate More ❯

Security Engineer to strengthen their cyber resilience and ensure effective protection against evolving threats. This role combines technical security expertise with the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning , leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring/… is a hybrid position based in Manchester , offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan . Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike Falcon , including creation and implementation … and Cyber Essentials+ . Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT and leadership teams to improve overall cyber security maturity. Person Profile We are looking for a candidate who is proactive, analytical, and able to communicate More ❯

boards from below onwards The Role As SOC Manager: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC … activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports … to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients More ❯

Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … s network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will: Lead the response to escalated and high-severity cyber incidents, ensuring rapid containment and recovery. Conduct advanced threat hunting across IT and OT environments to identify and eliminate hidden threats. Develop and … enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform More ❯

Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … s network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will: Lead the response to escalated and high-severity cyber incidents, ensuring rapid containment and recovery. Conduct advanced threat hunting across IT and OT environments to identify and eliminate hidden threats. Develop and … enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform More ❯

designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure. In this … for attackers, your role will be nothing short of critical as you seek out advanced threats, attackers, and Indicators of Compromise (IOCs). Your expertise in endpoint detection and response (EDR) will be the shield that safeguards individual workstations, laptops, servers, and other devices from cybercrime. Your responsibilities go beyond vigilance. When it comes to network security, you'll … utilize Network Detection and Response (NDR) to monitor the ever-flowing currents of network traffic. The incident management process will be used as you respond and manage to cybersecurity incidents. Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data applying your own and external threat intelligence to uncover potential security threats and risks. These More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization’s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

Senior Detection & Response Engineer Cambridgeshire Based - 1-2 days a week on site We are looking for a highly experienced Senior Detection & Response Engineer to join our client's growing security team. In this critical role, you'll be instrumental in developing a best-in-class incident response function, leading investigations into complex security events, and … building scalable detection and response capabilities across the organisation. This is an exciting opportunity to work at the heart of a modern security operation - building the tools, automation, and processes that enable the business to detect, respond to, and learn from security threats effectively. What You'll Be Doing: Investigate and respond to security events with clarity and precision … triage, analyse, and manage incidents from end to end Develop and improve detection and response processes, technologies, and work flows Design and implement tools to collect and analyse security telemetry from cloud environments Automate security workflows to enhance detection accuracy and reduce response time Build and fine-tune detection rules to focus efforts on high-fidelity alerts Create More ❯

Are you a proactive security professional ready to lead incident response and shape the future of security operations across a global enterprise? Join a market-leading organization undergoing a major transformation to build a Group Shared Services model across the UK, Ireland, and the US. This is your chance to play a pivotal role in strengthening security posture … across diverse business models-including third-party and franchisee environments. Responsibilities: Lead incident response across multiple regions and business units. Drive security gap analysis and remediation strategies. Manage vulnerability detection and resolution using tools like Tenable, Nessus, and Microsoft Defender. Collaborate with internal teams, external vendors, and franchisees. Develop and refine security documentation and executive reporting. Contribute to … the evolution of a standardized incident response framework. Requirements: Hands-on experience in incident response and vulnerability management. Strong technical skills in Azure 365, Microsoft Defender, Sentinel, Tenable, and Nessus. Ability to translate complex technical issues into clear, actionable insights. Excellent stakeholder engagement and communication skills. Experience in Microsoft-centric environments and distributed/franchisee models More ❯

NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯

NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯

NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong … compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for … desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical, problem-solving More ❯

Join Police Digital Service as NMC Cyber Incident Management Lead. Permanent - FT. Salary starting at £70,000 per annum About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides visibility and control of information … risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Responsible for the co-ordination and effective reporting of cyber security … incidents within the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for the progression of key service deliverables, Incident More ❯

Join Police Digital Service as NMC Cyber Incident Management Lead. Permanent - FT. Salary starting at £70,000 per annum About Police Digital Service Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. The National Management Centre (NMC) is part of Police Digital Service and provides visibility and control of information … risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Responsible for the co-ordination and effective reporting of cyber security … incidents within the NMC, along with any issues concerning quality and delivery of the service. You will have line management responsibility for the team of Cyber Incident Leads. Accountable for the evolution and development of the Incident Management Service with regards to continuously improving People, Processes and Technology. Responsible for the progression of key service deliverables, Incident More ❯

Incident Responder/IR Consultant Hybrid - UK WideUp to £85k + Bonus + Good bens. I'm currently working with an established cyber security business that's looking for an Incident Responder (IR/DFIR Consultant) to join their team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks such … as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. … You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy. Responsibilities: Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis More ❯

Head of IT Security Incident and Threat Management - Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company's digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role is based on site for the first 3 months followed by a hybrid working arrangement. Key Responsibilities Develop More ❯

Job Title: Head of Cyber Security Salary: £82,000 - £95,000 Location: London Key Skills: Cyber Security Strategy & Governance, Incident Response & Risk Management, Stakeholder & Board-Level Communication, Leadership & Team Development We are seeking a highly experienced Head of Cyber Security to lead the delivery of a best-in-class security posture within a large, complex public sector organisation. … Cyber Essentials Plus). Proven experience in developing and delivering cyber security strategies within complex organisations. Hands-on expertise across infrastructure, applications, and cloud environments. Track record of leading incident response, threat detection and vulnerability management activities. Strong leadership and stakeholder management skills, with the ability to engage senior executives, boards, and technical teams alike. Experience influencing and … manager ready to step up into a "Head of" role. Job Title: Head of Cyber Security Salary: £82,000 - £95,000 Location: London Key Skills: Cyber Security Strategy & Governance, Incident Response & Risk Management, Stakeholder & Board-Level Communication, Leadership & Team Development Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more More ❯

lead and develop a team of security professionals, oversee the delivery and ongoing management of our security infrastructure, and act as the go-to technical expert in threat detection, incident response, and vulnerability management. Were looking for someone with strong leadership skills, a deep knowledge of the cyber security landscape, and a real passion for safeguarding digital assets. … and Data, helping to build strong cyber security awareness. Oversee day-to-day security operations, using tools like MDR, SIEM, endpoint protection, and firewalls to keep us protected. Lead incident response, creating and maintaining playbooks and ensuring quick, effective action during any breaches. Stay ahead of threats by managing vulnerabilities, coordinating penetration tests, applying patches, and analysing threat … record of leading and mentoring a team. Extensive experience with security technologies such as SIEM, firewalls, intrusion detection/prevention systems, and vulnerability scanning tools. In-depth knowledge of incident response procedures, threat hunting, and forensic investigation techniques. Strong understanding of networking protocols, operating systems, and cloud security principles. Qualifications Bachelor's degree in Computer Science, Information Security More ❯

Do you enjoy working across teams to improve security awareness and compliance? Want to make a real impact in a growing organisation? If you’re confident in network defence, incident response, and stakeholder collaboration — this could be your next move. About the Role We’re looking for a proactive and skilled Information Security Analyst to strengthen our cybersecurity … ll manage key platforms like CyGlass and KnowBe4, coordinate with external partners including Pentest People, and support internal compliance efforts. This is a hands-on role with variety — from incident response and penetration testing coordination to user training and policy development. Key Responsibilities Security Operations & Monitoring • Manage and monitor the CyGlass network defence platform • Coordinate penetration testing and … Pentest People • Provide regular updates to internal stakeholders on security posture Candidate Requirements Essential Skills & Experience • Experience in information security or infrastructure engineering • Strong understanding of network security and incident response • Familiarity with CyGlass, Pentest People, or similar platforms • Experience with KnowBe4 or other cybersecurity training tools • Knowledge of data protection regulations (e.g., GDPR, ISO27001) • Excellent communication and More ❯

Senior Incident Responder - SOC Analyst (L3) £71000 GBP Hybrid WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Senior Incident Responder - SOC Analyst (L3) Location: UK-wide (hybrid/on-site as required) Salary: £71,000 + Bonus Clearance: Must be eligible for SC Clearance Our client is a global consulting and technology services firm, supporting public … and private sector organisations with complex digital and cyber transformation. They are building out their UK Security Practice and are seeking a Senior Incident Responder - SOC Analyst (L3) to lead investigations, manage escalations, and strengthen cyber resilience for mission-critical environments. The Role As a Senior Incident Responder, you'll be the escalation point for L1 and L2 … to containment and remediation. You'll drive root cause analysis, ensure runbooks and playbooks are followed, and directly engage with clients and delivery managers to provide expert guidance on incident handling. This is a hands-on technical leadership role that combines investigation, response, threat intelligence, and collaboration with stakeholders. You'll also support service improvement, tool optimisation, and More ❯